def update(request, post_id): user = request.user if request.method != 'POST': raise Http404 post = Post.get_by_id(int(post_id)) if not post or not post.belongs_to(user): return util.respond(False, 'Post doesn\'t exist') post_data = {} for k in ('title', 'body'): if not k in request.POST: return util.respond(False, 'Missing argument \'%s\''%k) post_data[k] = request.POST[k] title_len = len(post_data['title']) if title_len > 80 or title_len < 1: return util.respond(False, 'Post title must be between 1 and 80 letters') body_len = len(post_data['body']) if body_len > 1024 or body_len < 1: return util.respond(False, 'Post body must be between 1 and 1024 letters') post.title = util.xssescape(post_data['title']) post.body = util.xssescape(post_data['body']) post.put() return util.respond(True, post.to_dict())
def create(request): user = request.user if request.method != 'POST': raise Http404 post = {} for k in ('title', 'body'): if not k in request.POST: return util.respond(False, 'Missing argument \'%s\''%k) post[k] = request.POST[k] title_len = len(post['title']) if title_len > 80 or title_len < 1: return util.respond(False, 'Post title must be between 1 and 80 letters') body_len = len(post['body']) if body_len > 1024 or body_len < 1: return util.respond(False, 'Post body must be between 1 and 1024 letters') if user.has_post(post['title']): return util.respond(False, 'You already have a post with that title') post['title'] = util.xssescape(post['title']) post['body'] = util.xssescape(post['body']) post['author'] = user post = Post(**post) try: post.put() user.posts_count += 1 user.put(True) except Exception, e: return util.respond(False, e.message)